[discuss] IPv6 Deployment and IG

John Curran jcurran at arin.net
Thu Dec 26 13:16:51 UTC 2013


On Dec 25, 2013, at 2:23 PM, Brian E Carpenter <brian.e.carpenter at gmail.com> wrote:
> On 25/12/2013 20:17, John Curran wrote:
> 
>> For example, it is now recognized that IPv6 deployment is going to be 
>> both prolonged and asynchronous.  The implication of this is that we
>> will have a period of production IPv6 usage while production IPv4 is
>> also in use, and many would say this is just fine presuming that it is 
>> occurring based on actual market need.  Even so, the opportunity for 
>> consumer confusion abounds (does a given Internet service provide IPv4,
>> IPv6, or both; how do I distinguish between a website on just IPv4
>> versus one fully-connected to both IPv4 and IPv6, etc.)   This type
>> of issue is generally considered a "truth in labeling/advertising"
>> matter, and while it may not be an issue today, it has high potential
>> in the near future (particularly when products like Internet-of-things
>> IPv6-only sensors appear, and when connectivity services with CGN-based
>> IPv4 compatibility approach scaling limits)   Saying that something is 
>> "on the Internet" today when it actually is not IPv6-reachable is likely 
>> a form of unintended misrepresentation, since dual-stack is the official
>> transition strategy and IPv6 is now in production.
> 
> I completely agree, and yes, truth in advertising is an issue. That's
> why I very much like RFC 4084, which, by the way, mentions both IP version
> support and wiretapping as items that an ISP might cover in its service
> description.

RFC 4084 is indeed an excellent document in that it provides clear terms
for many shades of Internet connectivity. In theory, consistent use of 
these terms would provide better informed customers and better alignment
between expectations and capabilities. However, to the best of my knowledge, 
the terminology therein is unknown to those marketing Internet services 
today (or by those supervising marketing of Internet services to the public.)

It's an excellent example where the IETF has quite a bit of effort with the 
goal of a better Internet, but follow-on engagement with the greater Internet
service provider industry (and potentially governments where applicable) 
hasn't occurred.

Yes, we could revise RFC 4084 to include terminology for the more grave
situations of IPv4-only, IPv4 and IPv6, IPv6-only, IPv4-with-forward-IPv6
compatibility, IPv6 with backward IPv4 compatibility, etc...  It will not 
matter to Internet users if there is no follow-on engagement in getting 
the terminology used in the industry, and in this particular case, we're 
not talking about the nuance of whether you have a firewall in place, or 
are on a dynamic address, but the rather more stark situation of whether 
an entire class of services/devices are usable or not (because you and 
the other end both are "on the Internet" but with different protocols...)

> I'll concede that this is a governance matter and not just technical
> coordination. On the other hand, it's one that is generally subject to
> national law.

Nearly everything is subject to national law, except for a handful of
extra-territorial places on the planet and in space.  

A matter being subject to national law doesn't actually mean that any
government knows there is an issue, nor more importantly how that issue
may intersect the government's perceived public policy goals.  In the 
case of Internet issues, there is also the nuance that while a matter 
may be subject to national law, governments (that feel a need to get 
involved) may also have to accept that there are constraints in 
the range of choices available to them, if they truly wish to maintain 
interoperability and connectivity with the global Internet.

>> Another issue relates to the net neutrality aspects of continued IPv4
>> usage via CGN gateways.  As folks may (or may not) be aware, carrier 
>> grade NAT solutions result in each IPv4 address being used for an 
>> ever increasing number of user connections, and there are some rather
>> interesting implications for services that open large numbers of 
>> connections or that require translation at real-time speeds for audio
>> or video streaming...  This raises a potential for impact to various
>> competing services entirely due to "proper" network management reasons. 
>> These same CGN devices also are very problematic for legitimate law 
>> enforcement activities, requiring complex log synchronization and new
>> retention requirements.
> 
> True. But I'm at a loss to see the international aspect of that.

Law enforcement across the Internet is inherently transnational, and hence
the expectations that a government has for other governments' cooperation,
(and the obligations that it itself is willing to accept to meet expectations
of other governments in this area) are indeed topics that are international in 
nature. Furthermore, the privacy expectations of other governments with 
respect to treatment of data pertaining to their citizens is also quite 
germane in any discussion in this area.

> It sounds like a debate for each nation state.

As noted above, there are very real and valid international aspects to
be considered, but furthermore, the equipment manufacturers ultimately
have to provide some of the necessary support (hardware and software) 
and there are many cases where the options end up in silicon; success
is possible when there is a small number of coordinated options, but is
likely impossible to achieve if dozens of governments establish their own 
parameters on how this necessary support should be provided. Review 
<http://www.ietf.org/id/draft-donley-behave-deterministic-cgn-06.txt> 
for some of the challenges involved; greater levels of Internet coordination
in this area may actually be a prerequisite for any ability to have after-
the-fact attribution of Internet traffic during large-scale CGN deployment.

For those thinking this support for traffic attribution in support of law 
enforcement may not be all that important an issue, we've already had 
situations of child abduction/exploitation and armed robbery which remain 
open due to the very limited use of CGN-based transition to IPv6 on the 
Internet today, and this will be more common with increased deployment
of these transition technologies (unless appropriate measures are taken
during deployment which accommodate these requirements.)

Ergo, IPv6 deployment is a fine example of an Internet issue which calls 
for more Internet coordination discussion, and may even call for a level 
of "Internet governance" discussion (one involving a formal role for 
governments) unless we're willing to accept purely voluntary traffic
attribution capabilities...

>> The IPv6 deployment rate may not be an issue (if one accepts a market-based 
>> deployment model) but "IPv6 deployment" still has significant potential 
>> for issues in consumer confusion, indirect net neutrality implications, 
>> tracking issues for law enforcement due to widespread CGN use, and more.
>> I do not think that "IPv6 Deployment" can be readily dismissed as a
>> potential topic rich with Internet governance/coordination implications.
> 
> It's that conflation -- "governance/coordination" -- that gives me
> heartburn. Technical coordination is one thing, and doesn't need the
> intervention of governments. Governance is another thing; it may need
> the intervention of governments. Lumping the two things together
> is very problematic.

See above - as it turns out, the success of the Internet and its potential
for economic and social impact create many more opportunities for its manner
of technical and operational coordination to intersect with public policy
obligations that governments perceive and hold as their own, and thus result 
in "Internet governance" issues.

Thanks!
/John

Disclaimer:  My views alone.  (Santa - since we're starting anew, please do 
             not count my postings to 1net discuss when considering whether 
             I'm on the naughty or nice list... ;-)
             





